Thank you very much, Joshua (and thank you all) I have tried: (code) <VirtualHost *:443> DocumentRoot "/disc/html/https" ServerName secure.foo.com .... <Directory /disc/html/https/intranet> Order Deny,Allow Deny from All # Allow from env=intranet </Directory> .... </VirtualHost> (/code) And it does not work. I still can connect to /intranet... I also tried: (code) <VirtualHost *:443> DocumentRoot "/disc/html/https" ServerName secure.foo.com .... <Location /intranet/> Order Deny,Allow Deny from All # Allow from env=intranet </Location> ... </VirtualHost> (/code) ... It just dont work..Now i must review the entire configuration (it is a kinda complicated configuration, lots of sites and files), looking for something that could be overriding this directive. I will let you know if i find out something...
Thank you all again. And if anyone else have any idea, i will be grateful. Joshua Slive escribió:
On 9/13/07, J.M. Castroagudin <jose.castroagudin@xxxxxxxxx> wrote:Hi everybody, I have been trying to limit access to certain 'directories' (inside a https vhost) based on IP directives. Something like this: SetEnvIf remote_addr W.X.Y.Z intranet SetEnvIf Client-ip W.X.Y.Z intranet <VirtualHost *:443> DocumentRoot "/disc/html/https" ServerName secure.foo.com .... <Directory /disc/html/https/intranet> Order Deny,Allow Deny from All Allow from env=intranet </Directory> .... </VirtualHost> There is only a https virtual host in this server. But it seems not to work as expected. Accesing via 'http://secure.foo.com', Deny and Allow directives work right (it is defined before in conf file). Although, entering via 'https://secure.foo.com', everybody has acces to this directory...Start by replacing your mod_setenvif-based config with a simple "Deny from all" and make sure that works. If it doesn't work, you likely have something else in the config file overriding it. For example, directives in <Location> sections will override <Directory> sections. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx